IBM Watson Campaign Automation (WCA)

IBM Watson Campaign Automation is a digital marketing automation platform designed to put the power of data in the hands of the marketer. Use behavioural data from any source to create consistent campaigns wherever your customers are, through channels like email, web, mobile apps, SMS, social, group messaging and more.

Features

Design and automate consistent cross-channel experiences

Understand and report on customer behaviour with cognitive analytics

Scalable, cloud-based platform that integrates with customer sources and tools

After Hours Support for entitled customers is available only for Severity 1 (critical business impact/service down) issues on weekends, and holidays.

User can manage status and priority of support tickets

Yes

Online ticketing support accessibility

None or don’t know

Phone support

Yes

Phone support availability

9 to 5 (UK time), Monday to Friday

Web chat support

No

Onsite support

Yes, at extra cost

Support levels

Please refer to the below link for information on IBM's severity levelshttps://www-01.ibm.com/software/support/support_guide.html?product=2507594

Support available to third parties

Yes

Onboarding and offboarding

Onboarding and offboarding

Getting started

IBM Watson Campaign Automation Orientation is a foundation, education package for IBM Watson Campaign Automation. It provides a high-level description of Watson Campaign Automation features and capabilities, along with an introduction to the Customer Engagement Model. The orientation package is included with an initial subscription to Watson Campaign Automation, and should be completed prior to starting the required, onboarding service. It is delivered as a self-service offering, and includes video and web-based recordings.

IBM Watson Campaign Automation Light Onboarding Services:This service is a combination of provisioning and training that is designed to enable users to configure and utilize offerings in the Watson Campaign Automation Standard and Essentials offerings. This remotely delivered service provides up to 15 hours and is required with an initial subscription to Watson Campaign Automation. An onboarding consultant is assigned to guide Clients through the onboarding process which is delivered through a series of remote meetings and recorded, web-based learning sessions. Onboarding services include provisioning, configuration and setup, training, and Q & A.

There is also a comprehensive publicly available knowledge base accessible via the below linkhttps://www.ibm.com/support/knowledgecenter/en/SSWU4L/imc/product_welcome_kc_imc.html, along with education badges at a variety of levels for different user roles.

Service documentation

Yes

Documentation formats

HTML

PDF

End-of-contract data extraction

Specific data elements of the Cloud Service shall be available within the Cloud Service as follows (the"Data Retention Period"):- Databases (contact lists) and templates: 450 days from last use (actively used databases and templates are retained indefinitely while the service is active).- Messages, collateral used in messages (e.g., graphics, pictures, documents, and templates), and email click-tracking data: 450 days from the date the message is sent.- Web tracking for known or authenticated visitors: 180 days- Web tracking for anonymous visitors: 30 days (records may be converted to "known"if the user's identity becomes known within the 30 days).- Universal Behaviors: 180 days

IBM will retain Content (including Client Personal Data) that is stored or persisted within this Cloud Service after termination or expiration of the Cloud Service, until removal of content is specifically requested by Client. These data elements may be removed from IBM's network and systems after the Data Retention Period has expired, and in any event, IBM may destroy all copies of these data elements, and any other related Client data, 30 days following termination or expiration of the Subscription Period.

End-of-contract process

The term of the Cloud Service begins on the date IBM notifies Client of their access to the Cloud Service, as documented in the PoE. The PoE will specify whether the Cloud Service renews automatically, proceeds on a continuous use basis, or terminates at the end of the term.

For automatic renewal, unless Client provides written notice not to renew at least 90 days prior to the term expiration date, the Cloud Service will automatically renew for the term specified in the PoE.

For continuous use, the Cloud Service will continue to be available on a month to month basis until Client provides 90 days written notice of termination. The Cloud Service will remain available to the end of the calendar month after such 90 day period.

Using the service

Using the service

Web browser interface

Yes

Supported browsers

Internet Explorer 11

Firefox

Chrome

Application to install

No

Designed for use on mobile devices

Yes

Differences between the mobile and desktop service

There should be no difference between the web and mobile experiences.

Accessibility standards

None or don’t know

Description of accessibility

This is something we can discuss.

Accessibility testing

This is something we can discuss.

API

Yes

What users can and can't do using the API

There is no API available to set up the services or make changes to the service.

The WCA Platform developer content includes API and SDK documentation that applies across all Watson Campaign Automation features. Full details can be found in the following link:https://developer.ibm.com/customer-engagement/docs/watson-marketing/ibm-engage-2/watson-campaign-automation-platform/

The IBM Universal Behaviour Exchange element provides an open API mechanism for the transfer of data to and from IBM applications and also to/from third party partners as selected by the client.

API documentation

Yes

API documentation formats

HTML

PDF

Other

API sandbox or test environment

No

Customisation available

Yes

Description of customisation

Watson Customer Engagement provides a developerWorks developer center dedicated to allowing developers to customize our offerings. You can find all the latest information from our team of experts in the API developer center.

Here are just a few of the available resources:- Interactive API reference in API explorer- SDKs available in GitHub- Tutorials with example code- Events to keep you in the loop on the latest innovations- dW answers to ask questions of our experts

In the developer centre, you can also share information, interact with our developers, try out samples, ask questions, and provide feedback. To access the IBM API developer centre, see https://developer.ibm.com/customer-engagement/docs/watson-marketing/ibm-engage-2/watson-campaign-automation-platform/.

Scaling

Scaling

Independence of resources

The architecture of IBM cloud services maintains logical separation of client data. Internal rules and measures separate data processing, such as inserting, modifying, deleting, and transferring data, according to the contracted purposes.

Analytics

Analytics

Service usage metrics

Yes

Metrics types

Number of marketing interactions are provided by request. Specific sends can be seen in the platform's reporting (i.e. number of contacts an email was sent to).

A Marketing Interaction is an inbound or outbound touch point/communication. Examples of these communications are an email message, a mobile push, a device application message, transactional messages, content displayed in browsers, a social impression, and ad target. These can be related to anonymous or known visitors, or customers.

Reporting types

Real-time dashboards

Reports on request

Resellers

Resellers

Supplier type

Not a reseller

Staff security

Staff security

Staff security clearance

Other security clearance

Government security clearance

Up to Developed Vetting (DV)

Asset protection

Asset protection

Knowledge of data storage and processing locations

Yes

Data storage and processing locations

United Kingdom

European Economic Area (EEA)

EU-US Privacy Shield agreement locations

Other locations

User control over data storage and processing locations

Yes

Datacentre security standards

Complies with a recognised standard (for example CSA CCM version 3.0)

Penetration testing frequency

At least once a year

Penetration testing approach

‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider

Data importing and exporting

Data importing and exporting

Data export approach

Reports can be exported to CSV and PDF format. You can export data from any widget in CSV format.Mailing reports data can be exported in TSV and CSV format. Databases, contact lists and queries can be exported in TSV, CSV and PIPE format.

Data export formats

CSV

Other

Other data export formats

PDF

PSV

TSV

Data import formats

CSV

Other

Other data import formats

TSV

PSV

Data-in-transit protection

Data-in-transit protection

Data protection between buyer and supplier networks

Private network or public sector network

TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Other

Other protection between networks

IBM will encrypt content not intended for public or unauthenticated viewing when transferring content over public networks. Further, unless excluded by a TD, IBM will enable use of a cryptographic protocol, such as HTTPS, SFTP, and FTPS, for Client’s secure transfer of content to and from the Cloud Service over public networks. Client Content can be optionally encrypted at rest within the IBM Cloud Datacenter when requested or configured as such by Client.

Data protection within supplier network

TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience

Guaranteed availability

IBM provides the following availability service level agreement ("SLA") for the Cloud Service as specified in a PoE. The SLA is not a warranty. The SLA is available only to Client and applies only to use in production environments.

Compensation for a valid SLA claim will be a credit against a future invoice for the Cloud Service based on the duration of time during which production system processing for the Cloud Service is not available ("Downtime"). IBM will apply the highest applicable compensation based on the cumulative availability of the Cloud Service during each contracted month, as shown below. The total compensation with respect to any contracted month cannot exceed 20 percent of one twelfth (1/12th) of the annual charge for the Cloud Service.

Availability during a contracted month / Compensation (% of monthly subscription fee for contracted month that is the subject of a claim)Less than 99.95% / 2%Less than 99.00% / 5%Less than 98.00% / 10%Less than 97.00% / 20%

Exact information can be found in the Service Description.

Approach to resilience

Available at request.

Outage reporting

Clients are alerted to any potential interruptions to service on the website application itself, via the support portal and via email alert.

Standards and certifications

Standards and certifications

ISO/IEC 27001 certification

Yes

Who accredited the ISO/IEC 27001

Bureau Veritas

ISO/IEC 27001 accreditation date

17/11/2017

What the ISO/IEC 27001 doesn’t cover

The infrastructure and platform this offering is run on is ISO/IEC 27001 compliant.https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=ST&infotype=SA&htmlfid=KUJ12445USEN&attachment=KUJ12445USEN.PDF

ISO 28000:2007 certification

No

CSA STAR certification

No

PCI certification

No

Other security certifications

No

Security governance

Security governance

Named board-level person responsible for service security

Yes

Security governance certified

Yes

Security governance standards

ISO/IEC 27001

Information security policies and processes

IBM has an Information Technology (IT) Security policy that establishes the requirements for the protection of IBM's worldwide IT systems and the information assets they contain, including networks and computing devices such as servers, workstations, host computers, application programs, web services, and telephone systems within the IBM infrastructure. IBM’s IT Security policy is supplemented by standards and guidelines, such as the Security Standards for IBM's Infrastructure, the Security and Use Standards for IBM Employees and the Security Guidelines for Outsourced Business Services. Such are reviewed by a cross-company team led by the IT Risk organization every six months.

IBM has a dedicated Vice President of IT Security who leads a team responsible for IBM's own enterprise data security standards and practices. Responsibility and accountability for executing internal security programs is established through formal documented policies. IBM Services teams also have dedicated executives and teams who are responsible for information and physical security in the delivery of our client services.

Operational security

All changes to the IBM WCA platform, including software and infrastructure, must be approved and implemented according to a formal Change Control process. Every change must be documented in a Change Control Request (CCR) that is reviewed by the Change Control Committee (CCC) for the business justification, potential impact, and completeness of required activities (e.g. applicable testing). Application source code is maintained in a code-repository/version-control tool; system builds and application builds are maintained in a deployment-automation system. Approved changes are implemented during scheduled maintenance windows by the Configuration Management and Operations teams using automation tools.

A Web Application Security Assessment (WASA) is performed on every major release by an application-security specialist in Information Security, at least one per year is performed by an independent third party that provides an attestation. Platform infrastructure and network are subject to attack-and-penetration testing and vulnerability scans by IBM at least quarterly and by an independent third party at least annually. All findings from security testing are presented to appropriate stakeholders for analysis, determining validity and potential risk exposure, those that present a risk exposure warranting remediation are prioritised, placed in the schedule accordingly, and tracked through verification of remediation.

The WCA Information Security Team manages and coordinates all investigations and incident responses related to security and privacy and engage other internal teams and resources, including the broader IBM Computer Security Incident Response Team (CSIRT), as appropriate given the nature of the situation. If an investigation indicates that the security or privacy of a customer's data or account(s) may have been compromised, IBM will engage the customer to provide the relevant information and solicit participation in the investigation. For confirmed issues, the Information Security Team performs root-cause analysis to ensure the underlying cause of the issue is corrected.

The WCA Information Security Team manages and coordinates all investigations and incident responses related to security and privacy and engage other internal teams and resources, including the broader IBM Computer Security Incident Response Team (CSIRT), as appropriate given the nature of the situation. If an investigation indicates that the security or privacy of a customer's data or account(s) may have been compromised, IBM will engage the customer to provide the relevant information and solicit participation in the investigation. For confirmed issues, the Information Security Team performs root-cause analysis to ensure the underlying cause of the issue is corrected.